Council for the Registration of Schools Teaching Dyslexic Pupils (CReSTeD) understands your concerns over the privacy of Personal Data you may submit through the use of this website.
This policy provides you with information about what types of information is collected, what tracking takes place, how we use the collected information and with whom we share the information.
By providing Personal Data to CReSTeD via this website, over the phone, by email or in person you agree to the terms and conditions of this policy.
Personal Data is anything which identifies you as an individual, either on its own or by reference to other information. We may collect the following Personal Data from you when you use our website:
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser, and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We use "session" cookies on the website. Session cookies will be deleted from your computer when you close your browser.
We will use the session cookies to: keep track of you whilst you navigate the website; prevent fraud and increase website security.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking "Tools", "Internet Options", "Privacy", and selecting "Block all cookies" using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites.
We will use the Personal Data for the purpose of:
The duration for which we retain the Personal Data will differ depending on the type of data and the reason why it was submitted. However, in some cases Personal Data may be retained on a long term basis: for example, if you use our services basic Personal Data about you will normally be retained for so long as you receive those services from us, and Personal Data that we need to retain for legal purposes will normally be retained for at least six years in accordance with usual commercial practice and regulatory requirements.
We may disclose information about you to other organisations who provide specific business services to us.
Such organisations are required to handle your Personal Data in accordance with applicable laws related to privacy and data protection.
Service providers – organisations who require your Personal Data in order to deliver the services which you have requested from us.
Payment Gateways – used to facilitate the payment for services. The organisation will only have access to the Personal Data you provide directly to them when you make a credit card payment. We will not collect or store credit card details.
General Service providers – who provide specific, ad-hoc services to us. For example, courier services.
Cloud Service Providers - who host bespoke business applications that allow us to improve the efficiency and effectiveness of our general business activities.
Auditors - used to validate our compliance with the Vendor’s contractual Terms and Conditions. For example, Personal Data (email address) may be used to confirm our licence management procedures are correct.
Other persons or organisations permitted or required by applicable law or regulation.
Information which you provide may be transferred to countries which do not have data protection laws equivalent to those in force in the European Economic Area.
We will only transfer Personal Data when satisfactory safeguards are in place.
You have the right to:
We will never knowingly collect Personal Information from minors (children under 16 years of age, or any other age defined under applicable law). If we become aware that a minor is attempting to or has submitted Personal Information, we will notify them that we will not accept his or her Personal Information. We will then remove any such Personal Information from our records.
Please let us know if the Personal Data which we hold about you needs to be corrected or updated. Failure to inform us of a change to your Personal Data may result in the suspension, or withdrawal, of your services.
In the unlikely event that you have a complaint about our treatment of your Personal Data, it will be dealt with in accordance with our complaints handling procedure. You should contact the CReSTeD Administrator, who will respond to you within 28 days.
If we are unable to resolve your complaint, you may make a complaint to the Information Commissioner’s Office. Please see https://ico.org.uk/for-the-public/raising-concerns for more information.
The data controller responsible in respect of the information collected on this website is CReSTeD Administrator, c/o Helen Arkell Dyslexia Centre, Arkell Lane, Farnham, Surrey, GU10 3BL.
If you opted to receive any communications from us, but have subsequently changed your mind, please contact us in writing to:
c/o Helen Arkell Dyslexia Centre,
or by using the email firstname.lastname@example.org